<?php

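/**
 * Account, registration and session helpers for the site.
 *
 * NOTE(review) - items that cannot be fixed inside this class alone:
 *  - All database access uses ext/mysql (mysql_query() and friends), which was removed
 *    in PHP 7.0. Values are escaped at each query below, but the durable fix is to move
 *    to PDO or mysqli prepared statements.
 *  - Passwords are stored as unsalted MD5. Moving to password_hash()/password_verify()
 *    needs a wider `password` column and a re-hash-on-login migration, so it is flagged
 *    here rather than changed.
 *  - clean() is defined outside this file. It is presumably the input sanitiser; confirm
 *    that it escapes for SQL, because the values it returns are placed in queries as-is.
 */
class Users
{
    /** Endpoint of the IP geolocation service used by countryFromIP(). */
    const IPINFODB_ENDPOINT = 'http://api.ipinfodb.com/v2/ip_query.php';

    /**
     * API key for the geolocation service.
     *
     * NOTE(review): a credential committed to source should be rotated and loaded from
     * configuration instead; countryFromIP() also sends it over cleartext HTTP.
     */
    const IPINFODB_KEY = '5303dec0898c6a5a0e92ae93c804b9dc1a539e4c0d1f96c6b98c7a0b9ca72ee7';

    /**
     * Build the HTML <select> listing every country the site supports.
     *
     * All attribute values and option labels are HTML-escaped before being placed in
     * the markup, so neither caller-supplied names nor database content can break out
     * of the single-quoted attributes.
     *
     * @param string $selected_country ISO code of the option to pre-select.
     * @param string $name             Value of the select's name attribute.
     * @param string $id               Value of the select's id attribute.
     * @param string $class            Accepted for compatibility; currently not used in the markup.
     * @return string The complete <select> element (empty of options if the query fails).
     */
    public function getCountrySelectBox($selected_country, $name = 'country_selector', $id = 'country_selector', $class = '')
    {
        $selectbox = "<select name='" . $this->escapeHtml($name) . "' id='" . $this->escapeHtml($id) . "'>";

        $res = mysql_query("SELECT * FROM `country`");
        if ($res !== false) {
            while ($row = mysql_fetch_assoc($res)) {
                $iso = $this->escapeHtml($row['iso']);
                $label = $this->escapeHtml($row['printable_name']);
                // Compare as strings so numeric-looking codes are never matched loosely.
                $selected = ((string) $selected_country === (string) $row['iso']) ? " selected='selected'" : '';
                $selectbox .= "<option value='$iso'$selected>$label</option>";
            }
        }

        $selectbox .= "</select>";
        return $selectbox;
    }

    /**
     * Sum of all rows in the `earnings` table.
     *
     * @return int|string 0 when the total is below 0.01 (or the query fails),
     *                    otherwise the total as returned by the database.
     */
    public function getTotalEarnings()
    {
        $row = $this->fetchRow("SELECT sum( `amount` ) AS `total_earnings` FROM `earnings`");
        if (!is_array($row) || $row['total_earnings'] < 0.01) {
            return 0;
        }
        return $row['total_earnings'];
    }

    /**
     * Register a new, not yet activated member and e-mail the activation link.
     *
     * @param array $post_array Submitted form fields: username, email, name, address,
     *                          country_selector, contact_number, password.
     * @return int|null 1 on success, -1 when the account could not be created,
     *                  null when the username or e-mail is already taken (the value
     *                  the original code returned implicitly in that case).
     */
    public function registerUser($post_array)
    {
        if ($this->userExists($post_array['username'], $post_array['email'])) {
            return null;
        }

        // NOTE(review): these values reach the INSERT exactly as clean() returns them.
        $user_name = clean($post_array['username']);
        $email = clean($post_array['email']);
        $name = clean($post_array['name']);
        $address = clean($post_array['address']);
        $country = clean($post_array['country_selector']);
        $contact_number = clean($post_array['contact_number']);

        // NOTE(review): unsalted MD5; see the class comment for the migration this needs.
        $password = md5($post_array['password']);

        // The referral id comes straight from the request, so escape it at the query.
        $ref_id = isset($_POST['referral']) ? $this->escapeSql($_POST['referral']) : 0;
        $status = 0; // 0 = pending activation; confirmEmail() promotes it to 1.
        $created_on = date('Y-m-d H:i:s');

        // The activation code used to be md5(password), i.e. the stored password hash,
        // which then travelled in the e-mail and the activation URL. Use an unrelated
        // random value of the same length (32 hex characters) instead.
        $random = $this->generateActivationToken();
        if ($random === false) {
            return -1;
        }

        $sql = "INSERT INTO `users` SET `username`='$user_name', `email` = '$email', `name` = '$name', "
            . "`address` = '$address',`contact_number` = '$contact_number', `password`='$password', "
            . "`status` = '$status', `random` = '$random', `country_iso` = '$country', "
            . "`referrer_id` = '$ref_id', `created_on` = '$created_on'";

        if (!mysql_query($sql)) {
            return -1;
        }

        $this->sendLoginInfo($email, $user_name, $post_array['password'], $random);
        return 1;
    }

    /**
     * Check whether an e-mail address is already registered.
     *
     * In the original file a missing closing brace left this declaration nested inside
     * registerUser(), so it was never a method of the class.
     *
     * @param string $email Raw (unescaped) e-mail address.
     * @return bool
     */
    public function emailExists($email)
    {
        $safe_email = $this->escapeSql($email);
        return $this->hasRows("select email from users where email='$safe_email'");
    }

    /**
     * Check whether an e-mail address is registered with the given activation code.
     *
     * @param string $email  Raw (unescaped) e-mail address.
     * @param string $random Raw (unescaped) activation code.
     * @return bool
     */
    public function emailActivationExists($email, $random)
    {
        $safe_email = $this->escapeSql($email);
        $safe_random = $this->escapeSql($random);
        return $this->hasRows(
            "select email, random from users where email='$safe_email' and random='$safe_random'"
        );
    }

    /**
     * Check whether the account matching these credentials is banned (status -1).
     *
     * @param string $email    Raw (unescaped) e-mail address.
     * @param string $password Plain-text password as submitted.
     * @return bool True only when a matching account exists and its status is -1.
     */
    public function CheckBan($email, $password)
    {
        $safe_email = $this->escapeSql($email);
        $password_hash = md5($password); // hex digest, safe to interpolate
        $row = $this->fetchRow(
            "select status, email, password from users where email='$safe_email' and password='$password_hash'"
        );
        return is_array($row) && $row['status'] == '-1';
    }

    /**
     * Check whether a username or an e-mail address is already taken.
     *
     * @param string $username Raw (unescaped) username.
     * @param string $email    Raw (unescaped) e-mail address.
     * @return bool
     */
    public function userExists($username, $email)
    {
        $safe_username = $this->escapeSql($username);
        $safe_email = $this->escapeSql($email);
        return $this->hasRows(
            "select `id` from `users` where `username` = '$safe_username' OR `email` = '$safe_email'"
        );
    }

    /**
     * E-mail the activation link and code to a newly registered user.
     *
     * Values placed in mail headers have CR/LF removed, and values placed in the HTML
     * body are HTML-escaped, so user-supplied fields cannot add headers or markup.
     *
     * @param string $email    Recipient address.
     * @param string $username Name used in the greeting.
     * @param string $password Accepted for compatibility; never written into the message.
     * @param string $random   Activation code.
     * @return void
     */
    public function sendLoginInfo($email, $username, $password, $random)
    {
        global $settings;

        $to = $this->stripHeaderBreaks($email);
        $from = $this->stripHeaderBreaks($settings->getSiteEmail());
        $senders_name = $this->escapeHtml($settings->getSiteTitle());
        $sitePath = $settings->getSiteURL() . "activate.php?random=" . rawurlencode($random);

        $sub = "Account Details - Activation";
        $msg  = "Dear " . $this->escapeHtml($username) . ",<br /><br />";
        $msg .= "Thank you for registering at $senders_name. \n"
            . "Before we can activate your account one last step must be taken to complete your registration.<br /><br />";
        $msg .= "To complete your registration, please visit this URL:<br />";
        $msg .= "<a href=\"" . $this->escapeHtml($sitePath) . "\">Click to confirm</a> <br /><br />";
        $msg .= "Your Email is : " . $this->escapeHtml($email) . " <br />";
        $msg .= "Your activation code is : " . $this->escapeHtml($random) . " <br /><br />";
        $msg .= "All the best.";

        // NOTE(review): Reply-To is the recipient's own address, as in the original;
        // the site address ($from) may have been intended - confirm.
        $headers = "MIME-Version: 1.0\r\n";
        $headers .= "Content-Type: text/html; charset=\"iso-8859-1\"\r\n";
        $headers .= "Reply-To: $to\r\n";
        $headers .= "From: $from";

        mail($to, $sub, $msg, $headers);
    }

    /**
     * Activate a pending account from the activation page.
     *
     * Only accounts that are still pending (status 0, as written by registerUser())
     * are promoted. Without that condition the activation path could reset the status
     * of an account that was already activated or banned, because the activation code
     * is overwritten with the fixed value 'completed' after first use.
     *
     * @param string $email  Raw (unescaped) e-mail address.
     * @param string $random Raw (unescaped) activation code.
     * @return bool|null True when the account was activated, false when no pending row
     *                   was updated, null when the e-mail/code pair does not exist (the
     *                   value the original code returned implicitly in that case).
     */
    public function confirmEmail($email, $random)
    {
        if (!$this->emailActivationExists($email, $random)) {
            return null;
        }

        $safe_email = $this->escapeSql($email);
        $safe_random = $this->escapeSql($random);

        mysql_query(
            "UPDATE `users` SET `status` = '1' "
            . "WHERE `email` = '$safe_email' and `random` = '$safe_random' and `status` = '0'"
        );
        if (mysql_affected_rows() <= 0) {
            return false;
        }

        // Invalidate the code so the same link cannot be replayed.
        mysql_query("UPDATE `users` SET `random` = 'completed' WHERE `email` = '$safe_email' ");
        return true;
    }

    /**
     * Validate a login against activated accounts (status 1).
     *
     * @param string $username Raw (unescaped) username.
     * @param string $password Plain-text password as submitted.
     * @return mixed The user row as returned by $ado->fetch(), or -1 when no
     *               activated account matches.
     */
    public function is_loginValid($username, $password)
    {
        global $ado;

        // NOTE(review): assumes $ado runs on the same ext/mysql connection that
        // mysql_real_escape_string() uses - confirm against the $ado implementation.
        $safe_username = $this->escapeSql($username);
        $password_hash = md5($password); // hex digest, safe to interpolate

        $sql = "SELECT * FROM `users` WHERE `username` = '$safe_username' "
            . "and `password` = '$password_hash' and `status` = '1' LIMIT 1";
        $res = $ado->exec($sql);

        if ($ado->count($res) > 0) {
            return $ado->fetch($res);
        }
        return -1;
    }

    /**
     * E-mail address of the user identified by the session.
     *
     * @return string|null Null when no matching row is found.
     */
    public function getEmailAddress()
    {
        $id = $this->sessionUserId();
        $row = $this->fetchRow("SELECT `email` FROM `users` WHERE `id` = '$id'");
        return is_array($row) ? $row['email'] : null;
    }

    /**
     * Account status of the user identified by the session.
     *
     * @return string|null Null when no matching row is found.
     */
    public function getUserStatus()
    {
        $id = $this->sessionUserId();
        $row = $this->fetchRow("SELECT `status` FROM `users` WHERE `id` = '$id'");
        return is_array($row) ? $row['status'] : null;
    }

    /**
     * Log the user out by clearing and destroying the session.
     *
     * @return void
     */
    public function logout()
    {
        // A session must be active before it can be destroyed.
        if (!isset($_SESSION)) {
            session_start();
        }
        session_unset();
        session_destroy();
    }

    /**
     * Tell whether the session carries a logged-in user.
     *
     * @return int 1 when userid, username and email are all set in the session, else 0.
     */
    public function isUserLoggedIn()
    {
        $logged_in = isset($_SESSION['userid'], $_SESSION['username'], $_SESSION['email']);
        return $logged_in ? 1 : 0;
    }

    /**
     * Update the account details of the user identified by the session.
     *
     * NOTE(review): the password is always overwritten, so a form submitted with an
     * empty password field stores the hash of an empty string - confirm that callers
     * require a password before calling this.
     *
     * @param array $post_array Submitted form fields: fullname, email, address,
     *                          country_selector, number, password.
     * @return int 1 on success, -1 when the query fails.
     */
    public function updateUser($post_array)
    {
        // NOTE(review): these values reach the UPDATE exactly as clean() returns them.
        $fullname = clean($post_array['fullname']);
        $email = clean($post_array['email']);
        $address = clean($post_array['address']);
        $country = clean($post_array['country_selector']);
        $contact_number = clean($post_array['number']);

        // NOTE(review): unsalted MD5; see the class comment for the migration this needs.
        $password = md5($post_array['password']);
        $id = $this->sessionUserId();

        $sql = "UPDATE `users` SET `email` = '$email', `name` = '$fullname', "
            . "`address` = '$address',`contact_number` = '$contact_number', `password`='$password', "
            . "`country_iso` = '$country' WHERE `id` = '$id'";

        return mysql_query($sql) ? 1 : -1;
    }

    /**
     * Look up the country code for an IPv4 address via the geolocation service.
     *
     * The response comes from a remote service over cleartext HTTP, so callers should
     * treat the returned value as untrusted input.
     *
     * @param string $ipAddr IPv4 address in dotted notation.
     * @return string|null The text of the <CountryCode> element, or null when the
     *                     address is invalid, the request fails, or no code is present.
     */
    public function countryFromIP($ipAddr)
    {
        if (filter_var($ipAddr, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === false) {
            trigger_error("Invalid IP", E_USER_ERROR);
            // A custom error handler may resume execution; never send an
            // unvalidated value to the remote service.
            return null;
        }

        $url = self::IPINFODB_ENDPOINT . '?key=' . self::IPINFODB_KEY . '&ip=' . rawurlencode($ipAddr);
        $xml = file_get_contents($url);
        if ($xml === false) {
            return null;
        }

        if (!preg_match("@<CountryCode>(.*?)</CountryCode>@si", $xml, $cc_match)) {
            return null;
        }
        return $cc_match[1];
    }

    /**
     * Escape a value for use inside a single-quoted SQL string literal.
     *
     * Uses the default ext/mysql connection, like every mysql_query() call in this
     * class. Returns an empty string when the value is not scalar or escaping fails,
     * so a lookup built from it matches nothing rather than running unescaped.
     */
    private function escapeSql($value)
    {
        if (!is_scalar($value)) {
            return '';
        }
        $escaped = mysql_real_escape_string((string) $value);
        return ($escaped === false) ? '' : $escaped;
    }

    /**
     * Escape a value for HTML text or a quoted attribute.
     *
     * ISO-8859-1 makes the conversion byte-wise, so it never rejects the input and
     * leaves multi-byte UTF-8 sequences untouched; existing entities are not re-encoded.
     */
    private function escapeHtml($value)
    {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'ISO-8859-1', false);
    }

    /** Remove CR and LF so a value cannot start a new mail header line. */
    private function stripHeaderBreaks($value)
    {
        return str_replace(array("\r", "\n"), '', (string) $value);
    }

    /** Session user id, escaped for use in a quoted SQL literal ('' when unset). */
    private function sessionUserId()
    {
        return isset($_SESSION['userid']) ? $this->escapeSql($_SESSION['userid']) : '';
    }

    /** Run a query and return its first row, or false when it fails or is empty. */
    private function fetchRow($query)
    {
        $rs = mysql_query($query);
        if ($rs === false) {
            return false;
        }
        return mysql_fetch_assoc($rs);
    }

    /** Run a query and report whether it returned at least one row. */
    private function hasRows($query)
    {
        $rs = mysql_query($query);
        return $rs !== false && mysql_num_rows($rs) > 0;
    }

    /**
     * Create a 32-character hex activation code from a cryptographic random source.
     *
     * Returns false when no such source is available, so registration fails instead
     * of issuing a guessable code.
     */
    private function generateActivationToken()
    {
        if (function_exists('random_bytes')) {
            try {
                return bin2hex(random_bytes(16));
            } catch (Exception $e) {
                return false;
            }
        }

        if (function_exists('openssl_random_pseudo_bytes')) {
            $strong = false;
            $bytes = openssl_random_pseudo_bytes(16, $strong);
            if ($bytes !== false && $strong === true) {
                return bin2hex($bytes);
            }
        }

        return false;
    }
}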

// Publish one shared Users instance for the rest of the application.
// The `global` statement matters when this file is included from inside a function:
// it binds $users to the global scope instead of the including function's local scope.
global $users;

// No constructor arguments: the class relies on the default database connection and
// on the $settings / $ado globals being set up elsewhere (not visible in this file).
$users = new Users();

?>